CVE-2012-6544

Sažetak

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.

Reference

http://www.openwall.com/lists/oss-security/2013/03/05/13
https://github.com/torvalds/linux/commit/e15ca9a0ef9a86f0477530b0f44a725d67f889ee
https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2
https://github.com/torvalds/linux/commit/792039c73cf176c8e39a6e8beef2c94ff46522ed
https://github.com/torvalds/linux/commit/3f68ba07b1da811bf383b4b701b129bfcb2e4988
http://www.ubuntu.com/usn/USN-1805-1
http://www.ubuntu.com/usn/USN-1808-1
http://rhn.redhat.com/errata/RHSA-2013-1173.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=792039c73cf176c8e39a6e8beef2c94ff46522ed
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e15ca9a0ef9a86f0477530b0f44a725d67f889ee
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3f68ba07b1da811bf383b4b701b129bfcb2e4988

CVSS

Base:	1.9
Impact:	2.9
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

07-11-2023 - 02:13

Objavljeno

15-03-2013 - 20:55